package com.itheima.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class UserController {

    @GetMapping("/hello")
    @PreAuthorize("hasAuthority('P1')") // 指定只有P1权限才可以访问
    public String hello(){
        return "hello security";
    }
    
    @GetMapping("/say")
    @PreAuthorize("hasRole('SELLER')") // 指定只有SELLER角色才可以访问
    public String say(){
        return "say security";
    }
    
    @GetMapping("/register")
    public String register(){
        return "register security";
    }
}